From f115ae331f94d0a83a9552234fc00f3d4516e6dc Mon Sep 17 00:00:00 2001 From: Simon Date: Thu, 17 Nov 2022 15:26:57 +0100 Subject: [PATCH] :sparkles: :bug: Reading Go Runtime Details from GOENV (#17) * :sparkles: Reading Go Runtime Infos To avoid reading the runtime information of the compiled code vs the real one used by govulncheck * :recycle: Streamlined Function * :white_check_mark: Added test --- main.go | 10 ++++++---- pkg/action/env.go | 43 ++++++++++++++++++++++++++++++++++++++++++ pkg/action/env_test.go | 20 ++++++++++++++++++++ 3 files changed, 69 insertions(+), 4 deletions(-) create mode 100644 pkg/action/env.go create mode 100644 pkg/action/env_test.go diff --git a/main.go b/main.go index 2f687d7..09fb657 100644 --- a/main.go +++ b/main.go @@ -2,8 +2,8 @@ package main import ( "os" - "runtime" + "github.com/Templum/govulncheck-action/pkg/action" "github.com/Templum/govulncheck-action/pkg/github" "github.com/Templum/govulncheck-action/pkg/sarif" "github.com/Templum/govulncheck-action/pkg/vulncheck" @@ -33,10 +33,12 @@ func main() { logger.Debug().Msg("Enabled Local Development mode, scanner will return static result based on found.json") } + info := action.ReadRuntimeInfoFromEnv() + logger.Info(). - Str("Go-Version", runtime.Version()). - Str("Go-Os", runtime.GOOS). - Str("Go-Arch", runtime.GOARCH). + Str("Go-Version", info.Version). + Str("Go-Os", info.Os). + Str("Go-Arch", info.Arch). Msg("GoEnvironment Details:") logger.Debug(). diff --git a/pkg/action/env.go b/pkg/action/env.go new file mode 100644 index 0000000..d22fb9d --- /dev/null +++ b/pkg/action/env.go @@ -0,0 +1,43 @@ +package action + +import ( + "os/exec" + "strings" +) + +type RuntimeInfos struct { + Version string + Os string + Arch string +} + +// ReadRuntimeInfoFromEnv using go env this ensures the real information are used and no compile time versions +func ReadRuntimeInfoFromEnv() *RuntimeInfos { + cmd := exec.Command("go", "env") + out, _ := cmd.Output() + + info := RuntimeInfos{Version: "Unknown", Os: "Unknown", Arch: "Unknown"} + + envs := strings.Split(string(out), "\n") + + for _, env := range envs { + + if strings.Contains(env, "GOARCH") { + keyVal := strings.SplitAfter(env, "=") + info.Arch = strings.Trim(keyVal[1], "\"") + } + + if strings.Contains(env, "GOVERSION") { + keyVal := strings.SplitAfter(env, "=") + info.Version = strings.Trim(keyVal[1], "\"") + } + + if strings.Contains(env, "GOOS") { + keyVal := strings.SplitAfter(env, "=") + info.Os = strings.Trim(keyVal[1], "\"") + } + + } + + return &info +} diff --git a/pkg/action/env_test.go b/pkg/action/env_test.go new file mode 100644 index 0000000..3ea1ab6 --- /dev/null +++ b/pkg/action/env_test.go @@ -0,0 +1,20 @@ +package action + +import ( + "runtime" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestReadRuntimeInfoFromEnv(t *testing.T) { + t.Run("should go runtime information from go env", func(t *testing.T) { + info := ReadRuntimeInfoFromEnv() + + assert.NotNil(t, info, "should not return nil") + + assert.Equal(t, runtime.Version(), info.Version) + assert.Equal(t, runtime.GOOS, info.Os) + assert.Equal(t, runtime.GOARCH, info.Arch) + }) +}